If you spin up a Windows Instance on Amazon EC2, the only way to get your password to it is using an Amazon-provided command-line tool to decrypt the password (supplying your private SSH Key) or pasting your private SSH key into the Web Interface. That didn't sit too well with me. I'd prefer Amazon not have my private SSH key.
I dug into the web interface, and their 3MB of obfuscated javascript, and found that do the decryption locally in Javascript - as they should. I feel a little better now, but just the same I'd rather not trust them not to go and steal the key, or change it to a server operation for "performance reasons" or something.
The password is padded with PKCS#1 1.5, encrypted, and then put through some odd byte/hex transformations. If you'd like to decrypt the password yourself, locally, I've put up a script on github to do so. It doesn't handle every corner case (encrypted keys being the biggest) but it hopefully it helps you a little.
required, hidden, gravatared
required, markdown enabled (help)
* item 2
* item 3
are treated like code:
if 1 * 2 < 3:
print "hello, world!"
are treated like code: